Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jrfd2DFX5mOcvwb1-p65MYEwJdM.roa
File: jrfd2DFX5mOcvwb1-p65MYEwJdM.roa (raw, json)
Hash identifier: J49HwAtoruYijzhvPPo5q3lW8HwGs/c6euoTX2bvSKo=
Subject key identifier: 8E:B7:DD:D8:31:57:E6:63:9C:BF:06:F5:FA:9E:B9:31:81:30:25:D3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019539C713BAC3C971C386C39718F8A8A492
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jrfd2DFX5mOcvwb1-p65MYEwJdM.roa
Signing time: Mon 24 Feb 2025 21:05:02 +0000
ROA not before: Mon 24 Feb 2025 21:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:195:39c6:7f98/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:39:c7:13:ba:c3:c9:71:c3:86:c3:97:18:f8:a8:a4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Feb 24 21:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8eb7ddd83157e6639cbf06f5fa9eb931813025d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:88:e5:09:7a:23:ad:3b:fd:78:7e:35:88:87:
50:df:60:ea:50:45:da:d2:55:88:77:01:fa:60:c2:
b9:91:7b:92:5a:1d:e6:83:d5:58:1d:32:71:d7:60:
cf:c7:24:0b:77:0d:b9:1d:94:54:3c:d2:e7:6d:79:
21:82:ca:78:0e:34:16:b5:41:b8:98:b8:67:12:f2:
f7:47:05:e9:5f:ae:71:cb:1a:c8:63:e3:f3:b1:21:
49:eb:65:3c:bf:26:8d:fc:f4:75:a7:84:0e:f4:c0:
cb:be:9b:5c:d4:53:f6:ea:4b:1d:a1:f7:ee:84:00:
34:d4:98:81:5b:dd:2c:57:23:28:cd:c2:5a:ba:82:
dc:bc:ad:b9:d3:a2:6c:24:91:e4:3b:18:63:5b:c3:
ec:ce:6a:a4:f1:73:e9:b9:17:a6:07:97:82:c8:36:
c5:f1:b2:50:66:a0:5c:a4:b6:cb:4a:40:b4:bd:fb:
89:ce:a6:43:40:cc:52:66:6e:60:ea:7d:83:09:ec:
79:1f:28:bd:90:eb:5b:ff:f7:74:29:89:ac:bb:cd:
be:cd:d2:02:23:8d:e5:a5:36:2e:49:ea:37:fd:05:
1e:8f:24:b0:92:c2:c1:8e:aa:cf:e7:90:b3:a2:82:
b2:98:d5:56:57:e9:e0:53:32:c8:fd:ea:6d:3d:4f:
18:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B7:DD:D8:31:57:E6:63:9C:BF:06:F5:FA:9E:B9:31:81:30:25:D3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/jrfd2DFX5mOcvwb1-p65MYEwJdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:195:39c6:7f98/128
Signature Algorithm: sha256WithRSAEncryption
00:0f:cc:91:af:14:5a:ba:d4:c3:a8:38:40:83:2b:a7:bc:77:
17:e6:ca:d4:a9:1e:3d:bd:0f:f5:61:66:fb:d5:19:2e:c6:da:
5b:38:40:8a:9a:df:04:07:69:ee:50:41:21:26:3d:62:eb:01:
22:9a:a2:96:f7:ce:60:a2:11:b6:21:01:e8:05:4c:b5:df:9e:
52:91:45:2f:32:a2:0b:80:fb:f7:cd:ec:2c:a6:24:80:37:17:
a7:08:fd:5e:17:09:eb:35:8a:b5:9b:fe:9d:e5:16:4a:3c:0f:
fc:91:49:f3:1e:b8:a4:1b:61:ec:6a:e7:48:ba:d2:58:9e:db:
16:2b:5f:3c:4f:49:91:6c:e0:07:54:11:55:b0:56:12:7a:72:
34:dd:fd:38:25:85:07:52:b3:da:3c:d5:49:d8:45:69:ff:fe:
85:a0:92:78:e2:57:b5:e7:e5:a1:7f:73:c8:e4:92:be:04:ea:
a6:fa:69:15:b7:d4:9a:9e:13:2c:cf:23:91:dd:e4:41:fc:01:
82:7a:ad:81:b4:3d:66:9c:14:fa:ee:2f:28:1c:00:74:a8:c1:
38:dc:7e:19:96:01:22:79:37:72:a0:b0:33:6c:1b:56:29:6e:
e4:29:13:2a:73:a7:81:39:ec:8c:69:8d:1b:53:64:40:8f:1e:
44:9f:9b:02
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZU5xxO6w8lxw4bDlxj4qKSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjUwMjI0MjEwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWI3ZGRkODMxNTdlNjYzOWNiZjA2ZjVmYTllYjkzMTgxMzAyNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIjlCXojrTv9eH41iIdQ32DqUEXa
0lWIdwH6YMK5kXuSWh3mg9VYHTJx12DPxyQLdw25HZRUPNLnbXkhgsp4DjQWtUG4
mLhnEvL3RwXpX65xyxrIY+PzsSFJ62U8vyaN/PR1p4QO9MDLvptc1FP26ksdoffu
hAA01JiBW90sVyMozcJauoLcvK2506JsJJHkOxhjW8Pszmqk8XPpuRemB5eCyDbF
8bJQZqBcpLbLSkC0vfuJzqZDQMxSZm5g6n2DCex5Hyi9kOtb//d0KYmsu82+zdIC
I43lpTYuSeo3/QUejySwksLBjqrP55CzooKymNVWV+ngUzLI/eptPU8YOwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFI633dgxV+ZjnL8G9fqeuTGBMCXTMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvanJmZDJERlg1bU9jdndiMS1wNjVNWUV3SmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGVOcZ/mDANBgkqhkiG9w0BAQsFAAOCAQEAAA/Mka8UWrrUw6g4QIMrp7x3
F+bK1KkePb0P9WFm+9UZLsbaWzhAiprfBAdp7lBBISY9YusBIpqilvfOYKIRtiEB
6AVMtd+eUpFFLzKiC4D7983sLKYkgDcXpwj9XhcJ6zWKtZv+neUWSjwP/JFJ8x64
pBth7GrnSLrSWJ7bFitfPE9JkWzgB1QRVbBWEnpyNN39OCWFB1Kz2jzVSdhFaf/+
haCSeOJXtefloX9zyOSSvgTqpvppFbfUmp4TLM8jkd3kQfwBgnqtgbQ9ZpwU+u4v
KBwAdKjBONx+GZYBInk3cqCwM2wbVilu5CkTKnOngTnsjGmNG1NkQI8eRJ+bAg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:20:29 2025 by rpki-client